121 Security Frameworks Jobs - Page 5

Apteanis seeking a Senior Penetration Tester with strongDevSecOpsexpertise to play adual-rolein our offensive security and secure development lifecycle initiatives. You will lead advanced penetration testing engagements, red team operations, and threat simulations across enterprise environments while also driving secure software practices by integrating security into CI/CD pipelines. This role blends deep offensive security capabilities with hands-onDevSecOpsimplementation, contributing to both proactive and preventative cybersecurity postures. Key Responsibilities: Offensive Security & Penetration Testing Lead and perform advanced penetration testing across: Web, mobile (iOS/Android), and desktop/thick client applications APIs (REST,GraphQL, SOAP) with focus on business logic vulnerabilities Internal/external networks and hybrid infrastructure (on-prem and cloud) Execute red team engagements simulating real-world adversaries (APT-style) Targeting Windows Active Directory, Linux systems, and cloud platforms (AWS, Azure, GCP) Employing post-exploitation, lateral movement, and persistence techniques Build andmaintainoffensive infrastructure (C2 servers, phishing platforms) Develop proof-of-concept exploits and adversary emulation scenarios Deploy andmonitorhoneypots/honeynets for threat detection andbehavioranalysis DevSecOps& Secure SDLC Integrate security tools (SAST, DAST, SCA,IaCscanning) into CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI/CD) Automate security testing and policy enforcement in the development lifecycle Collaborate with DevOps and developers to implement secure coding practices and remediation workflows Build custom scripts/tools for security automation (Python, Bash, PowerShell) Monitor and harden containerized and cloud-native infrastructure (Docker, Kubernetes, serverless) Support security gate controls and compliance checks across release pipelines Reporting, Documentation & Communication Deliver detailed technical reports and executive summaries of findings Present findings to cross-functional stakeholders including engineering and executive leadership Provideactionable remediation guidance with risk prioritization Develop technical documentation, threat playbooks, and attack narratives Leadership, Collaboration & Mentorship Mentor junior penetration testers and review their assessments Lead purple teaming exercises to bridge offensive and defensive capabilities Collaborate with blue teams to enhance detection and response Conduct knowledge sharing sessions and internal capability development Stay current with threat landscape, tools, and techniques Required Qualifications: Experience & Background 810 years in cybersecurity with primary focus on penetration testing and red teaming At least 2 years hands-on experience integrating security in CI/CD andDevSecOpsenvironments Proven leadership in complex offensive security engagements Technical Skills Offensive Security: Advanced penetration testing of web, mobile, and thick client apps Red teaming, lateral movement, and post-exploitation in enterprise environments API security testing and exploitation Tooling & Platforms: Burp Suite, OWASP ZAP, Metasploit, Cobalt Strike,BloodHound, Empire, Sliver Nessus, Nmap,Trivy, AWS Inspector, Azure Defender, GCP SCC GitHub Actions, Jenkins,GitLabCI/CD, Docker,Kubernetes Scripting & Automation: Proficient in Python, Bash, PowerShell (Go or Ruby a plus) Automation of penetration testing tasks and CI/CD integration Cloud & Infrastructure: Hands-on experience in AWS, Azure, GCP environments Active Directory attack techniques (e.g.,Kerberoasting, Golden Ticket) Container and cloud-native attack simulation Security Frameworks: Deep knowledge of OWASP Top 10, MITRE ATT&CK, PTES, STRIDE, PASTA Familiarity with threat intelligence and APT tactics Preferred Qualifications: Certifications One or more of the following: OSCP (Offensive Security Certified Professional) CPENT , GIAC (GPEN, GXPN, GCPN, GWAPT, GMOB) CEH (Certified Ethical Hacker) Specialized Skills Purple teaming and detection tuning Cloud-native and serverless security testing Honeypot/honeynet development Malware analysis fundamentals Threatmodeling(STRIDE, OCTAVE) Experience with regulatory frameworks (NIST, PCI DSS, HIPAA, GDPR) Personal Attributes Strong problem-solving and critical thinking skills Excellent verbal and written communication, including reporting to technical and non-technical audiences Ability to lead, mentor, and collaborate effectively across teams Passion for offensive security, continuous learning, and responsible disclosure Adaptability to fast-paced, evolving threat environments

As an API and Application Security Specialist at Cywarden, you will play a vital role in ensuring the security and integrity of our clients" systems and data. You will collaborate with developers, architects, and security teams to implement advanced security measures across API ecosystems and software applications. Your responsibilities will include developing and implementing security strategies, conducting security assessments, performing threat modeling and risk assessments, managing authentication and authorization mechanisms, enforcing secure coding practices, responding to security incidents, ensuring compliance with industry standards, and maintaining detailed documentation of security policies. You will also provide training to development teams, implement security monitoring solutions, manage security tools for analysis, and develop security policies and procedures. To qualify for this role, you should have a Bachelor's degree in Computer Science or a related field, along with a minimum of 3-5 years of experience in API and application security. You should be proficient in security frameworks and protocols, experienced with API gateways, familiar with RESTful and GraphQL APIs, and have a strong understanding of encryption and authentication mechanisms. Knowledge of security testing tools, secure coding practices, programming languages, DevSecOps practices, and relevant certifications are preferred. Additionally, you should possess excellent problem-solving skills, strong communication skills, and the ability to work collaboratively in a team environment. This is a full-time, permanent position at Cywarden, offering benefits such as paid sick time, paid time off, performance bonuses, and yearly bonuses. The work schedule includes Monday to Friday night shifts on a rotational basis. The work location is in Mohali, Punjab, and reliable commuting or planning to relocate is required. If you meet the qualifications and are passionate about API and application security, we encourage you to apply for this rewarding opportunity at Cywarden.,

As an experienced Identity and Access Management (IAM) professional, you will be responsible for leading IAM operations, which include account provisioning, access control, and audits. Your role will involve architecting and managing IAM systems such as Okta, Active Directory, and G-Suite. Additionally, you will conduct compliance checks to ensure adherence to security frameworks. In this position, your expertise in IAM and Access Control will be crucial, with a required experience of 7-10 years in this field. You should have a deep understanding of identity security, regulatory compliance standards such as SOX and GDPR, and auditing practices. Proficiency in IAM tools like Okta, AD Manager, and Single Sign-On (SSO) systems is essential. Furthermore, as a senior member of the team, you will guide and mentor junior team members, ensuring the accuracy and quality of their IAM work. Your leadership and expertise will be vital in maintaining a secure and compliant IAM environment within the organization.,

As a professional in IT Risk, Compliance, and security, you will play a crucial role in ensuring the security and integrity of core IT projects. Your responsibilities will include assessing audit findings and control weaknesses, collaborating with stakeholders to develop management action plans, and implementing security classification, change controls, and SDLC. Your expertise in industry frameworks such as ISO standards, GDPR, NIST, and PCI DSS will be essential in identifying and mitigating cyber security risks. In addition to your technical skills, you will also utilize your project management experience to plan and execute multiple IT Risk, Compliance, and security operations. You will contribute to the planning of SOX programs, conduct follow-ups on security control implementations, and develop project plans and resource plans to meet client needs. Your ability to communicate effectively and provide regular project updates to clients and leaders will be crucial in ensuring the success of GRC and Security engagements. Your primary skills in Governance, Risk and Compliance (GRC), Security Frameworks, and ISMS Implementation will be instrumental in driving the security initiatives forward. Additionally, possessing certifications such as CISA, CISM, CRISC, or CISSP will further enhance your expertise in the field. Joining Capgemini will provide you with the opportunity to work alongside a collaborative community of colleagues from around the world and contribute to building a more sustainable and inclusive world through technology. Capgemini is a global leader in business and technology transformation, with a strong legacy of over 55 years. As part of a diverse team of 340,000 members in more than 50 countries, you will have the chance to make a tangible impact on enterprises and society. Leveraging your skills in IT Risk, Compliance, and security, you will help unlock the value of technology for clients and address their business needs with innovative solutions. If you are passionate about technology and seeking to shape your career in a dynamic and supportive environment, we invite you to join us at Capgemini.,

Join Strategy s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing . Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA ) tools. Security Assessments Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices . Bachelor s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment Hands-on experience.

Assess, prioritize, and manage cybersecurity risks; ensure regulatory compliance and support security governance across IT/OT systems. Required Candidate profile Professionals with experience in cyber risk, controls, regulatory standards (NIST, ISO), and risk quantification across OT/IT environments.

Ready to shape the future of work At Genpact, we don&rsquot just adapt to change&mdashwe drive it. AI and digital innovation are redefining industries, and we&rsquore leading the charge. Genpact&rsquos , our industry-first accelerator, is an example of how we&rsquore scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to , our breakthrough solutions tackle companies most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that&rsquos shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions - we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at and on , , , and . Inviting applications for the role of Consultant , Scrum Master! In this role, you will Manage software development projects: You will lead the planning, design, development, testing, and implementation of software applications Responsibilities Responsible for taking large Enterprise Data and Analytics programs from business cases through post-implementation and benefits tracking. Drive crucial conversations with senior leaders in business and IT to define strategic business cases and measurable benefits. Drive all PMO activities in coordination with a team of senior technical and non-technical professionals dedicated to the implementation and enablement of company-wide data and analytics platforms. Plan, lead and facilitate Agile practices like sprint planning, burn up/burn downs, and cross-functional scrum team dependencies, and create release schedules and related staffing plans. Develop a detailed program execution plan and manage all execution aspects, including program interdependencies, progress metrics, testing, deployment, and enablement. Create crisp and complete documentation to facilitate program reviews and the decision-making process at the Steering Committee. Drive risk mitigation strategies and issue resolution actions with key stakeholders at all levels of the organization. Engage and collaborate with all business and IT functions affected by the program, internal and external partners and vendors. Apply consistency and best practices through program initiation, planning, execution and closing phases, enabling business outcomes and benefits tracking. Manage one to many scrum teams applying Agile principles, practices, and theory. Qualifications we seek in you! Minimum Qualifications / Skills Project / program management experience with dedicated to hands-on project management in the application security space . Knowledge of security frameworks (BSIMM, etc.) and proven experience in managing multiple projects, and programs to improve security capability maturity. Experience with Agile traits and techniques: Lean design, accommodating changing requirements, iterations, and loop feedback with customer involvement. Demonstrated ability to drive Steering Committee meetings with executive management with solid experience in decision-making. Excellent communication skills, problem-solving, conflict/resolution management, active listening, time management, and interpersonal skills. Demonstrated consistent ability to lead cross-functional teams and deliver technical solutions while mitigating or removing hurdles/obstacles. Has a track record of overcoming project crises. Ability to be straightforward, articulate well, and have exceptional listening skills . Demonstrated consistent ability to lead cross-functional teams and deliver solutions. Preferred Qualifications/ Skills Scrum Master, SAFe Agile, PMP certification Knowledge of Change & Incident Management process Excellent communication and people skills Bachelor&rsquos degree or equivalent experience in Computer Information Systems (CIS), Management Information Systems (MIS), Computer Science (CS) or related field ITIL . Certification or working experience using ITIL SM is a plus . Experience with Six Sigma methodology is a plus . Working knowledge of the ServiceNow PPM platform is preferred. Why join Genpact Be a transformation leader - Work at the cutting edge of AI, automation, and digital innovation Make an impact - Drive change for global enterprises and solve business challenges that matter Accelerate your career - Get hands-on experience, mentorship, and continuous learning opportunities Work with the best - Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture - Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let&rsquos build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color , religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.

Ready to shape the future of work At Genpact, we don&rsquot just adapt to change&mdashwe drive it. AI and digital innovation are redefining industries, and we&rsquore leading the charge. Genpact&rsquos , our industry-first accelerator, is an example of how we&rsquore scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to , our breakthrough solutions tackle companies most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that&rsquos shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions - we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at and on , , , and . Inviting applications for the role of Senior Principal Consultant, Scrum Master! In this role, you will Manage software development projects: You will lead the planning, design, development, testing, and implementation of software applications Responsibilities Responsible for taking large Enterprise Data and Analytics programs from business cases through post-implementation and benefits tracking. Drive crucial conversations with senior leaders in business and IT to define strategic business cases and measurable benefits. Drive all PMO activities in coordination with a team of senior technical and non-technical professionals dedicated to the implementation and enablement of company-wide data and analytics platforms. Plan, lead and facilitate Agile practices like sprint planning, burn up/burn downs, and cross-functional scrum team dependencies, and create release schedules and related staffing plans. Develop a detailed program execution plan and manage all execution aspects, including program interdependencies, progress metrics, testing, deployment, and enablement. Create crisp and complete documentation to facilitate program reviews and the decision-making process at the Steering Committee. Drive risk mitigation strategies and issue resolution actions with key stakeholders at all levels of the organization. Engage and collaborate with all business and IT functions affected by the program, internal and external partners and vendors. Apply consistency and best practices through program initiation, planning, execution and closing phases, enabling business outcomes and benefits tracking. Manage one to many scrum teams applying Agile principles, practices, and theory. Experience in GenAI project Qualifications we seek in you! Minimum Qualifications / Skills Project / program management experience with dedicated to hands-on project management in the application security space . Knowledge of security frameworks (BSIMM, etc.) and proven experience in managing multiple projects, and programs to improve security capability maturity. Experience with Agile traits and techniques: Lean design, accommodating changing requirements, iterations, and loop feedback with customer involvement. Demonstrated ability to drive Steering Committee meetings with executive management with solid experience in decision-making. Excellent communication skills, problem-solving, conflict/resolution management, active listening, time management, and interpersonal skills. Demonstrated consistent ability to lead cross-functional teams and deliver technical solutions while mitigating or removing hurdles/obstacles. Has a track record of overcoming project crises. Ability to be straightforward, articulate well, and have exceptional listening skills . Demonstrated consistent ability to lead cross-functional teams and deliver solutions. Preferred Qualifications/ Skills Scrum Master, SAFe Agile, PMP certification Knowledge of Change & Incident Management process Excellent communication and people skills Bachelor&rsquos degree or equivalent experience in Computer Information Systems (CIS), Management Information Systems (MIS), Computer Science (CS) or related field ITIL . Certification or working experience using ITIL SM is a plus . Experience with Six Sigma methodology is a plus . Working knowledge of the ServiceNow PPM platform is preferred. Why join Genpact Be a transformation leader - Work at the cutting edge of AI, automation, and digital innovation Make an impact - Drive change for global enterprises and solve business challenges that matter Accelerate your career - Get hands-on experience, mentorship, and continuous learning opportunities Work with the best - Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture - Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let&rsquos build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color , religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.

Description We are looking for a skilled Security Auditor to join our team in India. The ideal candidate will have extensive experience in assessing the security posture of IT systems and ensuring compliance with industry standards. The role involves conducting audits, identifying vulnerabilities, and providing recommendations to enhance security measures. Responsibilities Conduct comprehensive security audits of IT systems and networks to identify vulnerabilities and compliance gaps. Develop and implement audit plans and methodologies to assess the effectiveness of security controls. Prepare detailed reports on audit findings and provide actionable recommendations to improve security posture. Work closely with IT teams to ensure remediation of identified vulnerabilities and compliance issues. Stay updated with the latest security threats, trends, and best practices to enhance the auditing process. Assist in the development and maintenance of security policies and procedures. Skills and Qualifications 6-16 years of experience in security auditing or a related field. Strong understanding of security frameworks such as ISO 27001, NIST, and OWASP. Proficiency in risk assessment methodologies and tools. Hands-on experience with security auditing tools and software. Knowledge of network security, application security, and cloud security principles. Strong analytical and problem-solving skills. Excellent communication skills, both verbal and written. Relevant certifications such as CISA, CISSP, or CEH are a plus.

What you will do Let s do this. Let s change the world. In this vital role the Specialist Data Security Engineer covering Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) technologies. This role will report to the Manager, Data Security. This position will provide essential services that enable us to better pursue our mission. Specialist Data Security Engineers operate, manage, and improve Amgen s DLP and Cloud Access Security Broker (CASB) solutions. In our Data Security team, they will identify emerging risks related to changes in cloud technologies, advise management, and develop technical remediations to address those risks. Specialists lead the development of processes and procedures for multiple solutions which enable business units to remediate identify cloud data exposures. They run multiple projects simultaneously to implement and improve the cloud data security protection and use advanced analytics to demonstrate success. This engineer will play a key role in educating and evangelizing to technologists and business leaders the security strategies that both protect and enable business processes related to cloud data handling. Roles & Responsibilities: Designs, operates, maintains, and enhances capabilities for the technical systems that ensure protection of data for all Amgen global operations. Identifies new risk areas for data and plans controls to mitigate those risks. Researches new technologies, processes, and approaches based on industry practices and recommends future plans for data protection. Authors procedures and guidelines and advises on policies related to data protection requirements and remediation or investigation of violations. Develops and conducts training on data protection technologies for operations staff. Educates business leadership about data risk. Advises other technology groups on data protection strategies and recommends appropriate points of both technical and process integration. Partners with the Manager of Data Security to liaise to legal and human resources leadership on violation remediations. Collaborates with cloud strategy leaders and business unit leadership to ensure that cloud data protection is incorporated by design into new business projects. Collaborates with Cloud Security Engineers to integrate cloud data protection technology into the operations of traditional Data Loss Prevention operations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree and 4 to 6 years of experience OR Bachelor s degree and 6 to 8 years of experience OR Diploma and 10 to 12 years of experience. Functional Skills: Must-Have Skills Familiarity with one or more security frameworks, especially in regulated environments. Proficiency specifying requirements for technical systems, as well as designing, implementing, and operating those systems. Expertise in global IT operations, including an understanding of regulatory and cultural differences encountered when dealing with international peers and customers. Demonstrated competence maintaining applications on Windows and Linux based operating systems, and basic understanding of one or more programming or scripting languages. Demonstrated proficiency with one or more Cloud Access Security Platforms (Elastica, Netskope, SkyHigh, etc) Track record of project management leadership, preferably using Agile methodology. Deep knowledge of the principles of Data Protection, including availability, integrity, and confidentiality of data. Good-to-Have Skills: Proficiency with communications focused on both the development of written technical processes and the ability to convey complex ideas clearly in front of an audience. Experience with data analytics focused on building executive reports Reputation of successfully navigating large enterprise environments, understanding both ITIL driven processes and business relationship building Ability to self-direct work on multiple priorities with little to no oversight, based on critical initiatives. Professional Certifications (please mention if the certification is preferred or required for the role): Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Cloud security certifications Relevant vendor-specific certifications Soft Skills: Established analytical and gap/fit assessment skills. Ability to work effectively with global, virtual teams High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals Effective presentation and public speaking skills. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Description We are looking for a Product Security Governance Engineer with 6-8 years of experience to join our team in India. The ideal candidate will be responsible for developing and implementing security governance frameworks, conducting risk assessments, and ensuring compliance with security policies across our product lines. Responsibilities Develop and implement security governance frameworks for product security. Conduct risk assessments and security audits on products throughout the development lifecycle. Collaborate with product teams to ensure compliance with security policies and standards. Provide guidance and support to teams on security best practices and compliance requirements. Monitor and report on the effectiveness of security controls and governance initiatives. Assist in the development of training programs to educate employees on security protocols and practices. Skills and Qualifications 6-8 years of experience in product security governance or related field. Strong understanding of security frameworks such as NIST, ISO 27001, and OWASP. Experience with risk management methodologies and security assessments. Proficiency in security tools and technologies used for product security. Excellent communication and collaboration skills to work with cross-functional teams. Ability to analyze complex security issues and provide actionable recommendations.

Define security frameworks and governance models. Ensure delivery teams adhere to security protocols. Conduct risk assessments and compliance audits.

3-5 yrs of experience in IS GRC focusing on regulatory compliance. Understanding of security standards and frameworks (E.g. ISO 27001, NIST CSF, PCI DSS, SOX 404, SOC2, NIS2 and PCI DSS. Knowledge of Python PySpark or SparkSQL is an added advantage.

What you will do In this vital role the Specialist Data Security Engineer covering Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) technologies. This role will report to the Manager, Data Security. This position will provide essential services that enable us to better pursue our mission. Specialist Data Security Engineers operate, manage, and improve Amgens DLP and Cloud Access Security Broker (CASB) solutions. In our Data Security team, they will identify emerging risks related to changes in cloud technologies, advise management, and develop technical remediations to address those risks. Specialists lead the development of processes and procedures for multiple solutions which enable business units to remediate identify cloud data exposures. They run multiple projects simultaneously to implement and improve the cloud data security protection and use advanced analytics to demonstrate success. This engineer will play a key role in educating and evangelizing to technologists and business leaders the security strategies that both protect and enable business processes related to cloud data handling. Roles & Responsibilities: Designs, operates, maintains, and enhances capabilities for the technical systems that ensure protection of data for all Amgen global operations. Identifies new risk areas for data and plans controls to mitigate those risks. Researches new technologies, processes, and approaches based on industry practices and recommends future plans for data protection. Authors procedures and guidelines and advises on policies related to data protection requirements and remediation or investigation of violations. Develops and conducts training on data protection technologies for operations staff. Educates business leadership about data risk. Advises other technology groups on data protection strategies and recommends appropriate points of both technical and process integration. Partners with the Manager of Data Security to liaise to legal and human resources leadership on violation remediations. Collaborates with cloud strategy leaders and business unit leadership to ensure that cloud data protection is incorporated by design into new business projects. Collaborates with Cloud Security Engineers to integrate cloud data protection technology into the operations of traditional Data Loss Prevention operations. Basic Qualifications: Masters degree and 4 to 6 years of experience OR Bachelors degree and 6 to 8 years of experience OR Diploma and 10 to 12 years of experience. Functional Skills: Must-Have Skills Familiarity with one or more security frameworks, especially in regulated environments. Proficiency specifying requirements for technical systems, as well as designing, implementing, and operating those systems. Expertise in global IT operations, including an understanding of regulatory and cultural differences encountered when dealing with international peers and customers. Demonstrated competence maintaining applications on Windows and Linux based operating systems, and basic understanding of one or more programming or scripting languages. Demonstrated proficiency with one or more Cloud Access Security Platforms (Elastica, Netskope, SkyHigh,etc) Track record of project management leadership, preferably using Agile methodology. Deep knowledge of the principles of Data Protection, including availability, integrity, and confidentiality of data. Good-to-Have Skills: Proficiency with communications focused on both the development of written technical processes and the ability to convey complex ideas clearly in front of an audience. Experience with data analytics focused on building executive reports Reputation of successfully navigating large enterprise environments, understanding both ITIL driven processes and business relationship building Ability to self-direct work on multiple priorities with little to no oversight, based on critical initiatives. Professional Certifications (please mention if the certification is preferred or required for the role): Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Cloud security certifications Relevant vendor-specific certifications Soft Skills: Established analytical and gap/fit assessment skills. Ability to work effectively with global, virtual teams High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals Effective presentation and public speaking skills.

Required Skills Qualification Hands-on experience in securing corporate environment. Hands-on experience in security frameworks (NIST, ISO 27001, CIS) and experience with risk management and compliance Hands-on experience securing Windows (Workstations and Servers), Linux (Workstations and Servers), and Mac Hands-on experience conducting risk management by identifying gaps and providing strategies for mitigation. Hands-on experience documenting vulnerability assessment results in a clear and actionable format. Expertise in network security, firewalls, IDS/IPS, and security monitoring tools such as SIEM Proficiency with cloud security technologies (AWS, Azure, GCP) and securing cloud-based infrastructure. Experience with incident response, forensics, and managing security incidents from detection to resolution. Determines security violations and inefficiencies. Knowledge of mergers and acquisitions Experience: Should have relevant experience of at least 10-15 years. Qualification: Engineering (Computers, Electronics, IT) or equivalent

As a Junior Information Protection Analyst, you will be a vital part of our Information Protection team within the Enterprise Data Office (EDO). Your primary responsibility will be to safeguard Organizations data by triaging and reviewing data loss alerts and assisting in the testing and refinement of the playbooks, with a foundational understanding of cyber principles. Key Accountabilities: Triage and Review Alerts: Promptly assess data loss and access violation alerts to determine their severity and potential threats. Take necessary preliminary actions and escalate issues as needed for further analysis. Support Incident Response Assist in the initial stages of the incident response process providing support to senior analysts. Collaborate with team members to ensure efficient management of incidents. Adherence to SOPs and Playbooks: Follow established Standard Operating Procedures and playbooks for initial security incident management. Contribute feedback to refine and enhance SOPs and playbooks through practical application. Experience and Knowledge Required: Basic experience in data protection or security environments, preferably within global organizations. Fundamental understanding of cyber security principles and incident response processes. Strong analytical and problem-solving skills. Awareness of statutory frameworks like the Data Protection Act and GDPR. Effective communication skills and attention to detail when triaging alerts. Willingness to learn and apply established SOPs and playbooks.

What you will do In this vital role the Specialist Data Security Engineer covering Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) technologies. This role will report to the Manager, Data Security. This position will provide essential services that enable us to better pursue our mission. Specialist Data Security Engineers operate, manage, and improve Amgens DLP and Cloud Access Security Broker (CASB) solutions. In our Data Security team, they will identify emerging risks related to changes in cloud technologies, advise management, and develop technical remediations to address those risks. Specialists lead the development of processes and procedures for multiple solutions which enable business units to remediate identify cloud data exposures. They run multiple projects simultaneously to implement and improve the cloud data security protection and use advanced analytics to demonstrate success. This engineer will play a key role in educating and evangelizing to technologists and business leaders the security strategies that both protect and enable business processes related to cloud data handling. Roles & Responsibilities: Designs, operates, maintains, and enhances capabilities for the technical systems that ensure protection of data for all Amgen global operations. Identifies new risk areas for data and plans controls to mitigate those risks. Researches new technologies, processes, and approaches based on industry practices and recommends future plans for data protection. Authors procedures and guidelines and advises on policies related to data protection requirements and remediation or investigation of violations. Develops and conducts training on data protection technologies for operations staff. Educates business leadership about data risk. Advises other technology groups on data protection strategies and recommends appropriate points of both technical and process integration. Partners with the Manager of Data Security to liaise to legal and human resources leadership on violation remediations. Collaborates with cloud strategy leaders and business unit leadership to ensure that cloud data protection is incorporated by design into new business projects. Collaborates with Cloud Security Engineers to integrate cloud data protection technology into the operations of traditional Data Loss Prevention operations. Basic Qualifications: Masters degree and 4 to 6 years of experience OR Bachelors degree and 6 to 8 years of experience OR Diploma and 10 to 12 years of experience. Functional Skills: Must-Have Skills Familiarity with one or more security frameworks, especially in regulated environments. Proficiency specifying requirements for technical systems, as well as designing, implementing, and operating those systems. Expertise in global IT operations, including an understanding of regulatory and cultural differences encountered when dealing with international peers and customers. Demonstrated competence maintaining applications on Windows and Linux based operating systems, and basic understanding of one or more programming or scripting languages. Demonstrated proficiency with one or more Cloud Access Security Platforms (Elastica, Netskope, SkyHigh,etc) Track record of project management leadership, preferably using Agile methodology. Deep knowledge of the principles of Data Protection, including availability, integrity, and confidentiality of data. Good-to-Have Skills: Proficiency with communications focused on both the development of written technical processes and the ability to convey complex ideas clearly in front of an audience. Experience with data analytics focused on building executive reports Reputation of successfully navigating large enterprise environments, understanding both ITIL driven processes and business relationship building Ability to self-direct work on multiple priorities with little to no oversight, based on critical initiatives. Professional Certifications (please mention if the certification is preferred or required for the role): Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Cloud security certifications Relevant vendor-specific certifications Soft Skills: Established analytical and gap/fit assessment skills. Ability to work effectively with global, virtual teams High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals Effective presentation and public speaking skills.

Your role and responsibilities The Security Compliance Specialist works with the Security Compliance Leader and will have the execution responsibility around (but not limited to) the following areas: Compliance enforcement: Implementing necessary controls and measure to ensure organization's overall security compliance, in alignment with internal security standards, applicable regulations and industry standards (e.g., ISO 27001, NIST, GDPR). Ensure adherence to the compliance requirements for network infrastructure, OpenShift environments, and IBM Z systems based on the actionable policies and procedures using approved IBM technology choices. Policy Creation and Management: Maintain and enforce security policies, standards, and controls applicable to network operations, cloud environments, and mainframe systems. Partner with IBM CISO organization to regularly review and update security policies to address emerging threats, regulatory changes, and organizational needs. Risk Management: Conduct risk assessments to identify potential compliance gaps and vulnerabilities within the organization's IT environment. Collaborate with IT and security teams to develop risk mitigation strategies and implement necessary compliance controls. Audit and Assessment: Prepare for regular compliance audits for network, OpenShift platform, and IBM Z systems. Ensure prompt rectification of any compliance findings and develop action plans for continuous improvement. Training and Awareness : Conduct comprehensive training programs to raise awareness of security compliance requirements and best practices among employees. Foster a culture of security compliance by regularly communicating the importance of adherence to security standards. Monitoring and Reporting Adopt/leverage metrics and reporting frameworks to continuously monitor compliance status and effectiveness of security controls. Prepare regular reports for executive management on compliance initiatives, audit findings, and the overall status of security compliance across the organization. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Qualifications & Skill 8-10 years of professional experience with at least 5+ years of relevant experience in the information technology security & compliance domain. Bachelor's degree in Cybersecurity, Information Technology, or a related field; advanced degree or security certifications (e.g., CISSP, CISM, CISA) are a plus. Extensive experience in security compliance management, particularly in network security, cloud security, and mainframe environments. Strong understanding of regulatory requirements and compliance frameworks relevant to the industry. Should be open and willingness to learn new technologies and be open for continuous upskilling experience. Excellent analytical and problem-solving skills to assess compliance issues and risks. Strong Proficiency in working with Secured communications across varied Hybrid platforms (On-Prem, On-Cloud etc). Strong leadership and communication skills to influence and guide cross-functional teams. Ability to work collaboratively with various stakeholders, including technical teams, executive management, and external auditors. Proficiency in compliance management tools and security frameworks. Proficiency in automation tools such as Ansible and pipeline orchestration tools such as Tekton and GitHub Actions.

What you will do Lets do this. Lets change the world. In this vital role you will work for the Manager of Endpoint Security, in direct support of the global endpoint management group. This position will provide essential services that enable us to better pursue our mission. The Specialist Endpoint Security Engineer will operate, manage, and improve Amgens endpoint security posture solutions. In the Endpoint Security team, you will identify emerging risks related to endpoint protection, advise management, and develop technical remediations to address those risks. Specialists lead the development of processes and procedures for multiple solutions Amgen utilizes to deliver to the promise of a secure digital workplace. They run multiple projects simultaneously to implement and improve the endpoint security protections and use advanced analytics to demonstrate success. This engineer will play a key role in educating technologists and business leaders about the security strategies that both protect and enable business processes related to cloud data handling. Lets do this. Lets change the world. In this vital role you will: Designs, operates, maintains, and enhances capabilities for the technical systems that ensure protection of endpoints for Amgens global workforce. Works daily alongside the digital workforce experience team to specify, implement, and validate security controls for Amgens workstation and mobile platforms. Identifies new risk areas for data and plans controls to mitigate those risks. Researches new technologies, processes, and approaches based on industry practices and recommends future plans for secure configurations. Authors procedures and guidelines and advises on policies related to workstation and mobile protection requirements and remediation or investigation of violations. Develops and conducts training on protection technologies for operations staff. Educates business leadership about data risk. Consults other technology groups on endpoint protection strategies and recommends appropriate points of both technical and process integration. Partners with the Manager of Endpoint Security to collaborate closely with legal and human resources leadership on violation remediations. Collaborates with architecture strategy leaders and business unit leadership to ensure that security by design configurations are incorporated into new business projects. Collaborates with Endpoint Security Engineers to integrate protection technology into the operations of traditional Endpoint Detection and Response operations. Basic Qualifications: Doctorate degree OR Masters degree and 4 to 6 years of Information Security or Information Technology experience OR Bachelors degree and 6 to 8 years of Information Security or Information Technology experience OR Diploma and 10 to 12 years of Information Security or Information Technology experience Preferred Qualifications: Familiarity with one or more security frameworks, especially in regulated environments. Holds or is actively seeking one or more security related certifications, preferably with a focus on cloud technologies or data protection. Proficiency specifying requirements for technical systems, as well as designing, implementing, and operating those systems. Expertise in global IT operations, including an understanding of regulatory and cultural differences encountered when dealing with international peers and customers. Skill with elements of MDM systems such as Intune, Workspace One, and JAMF on Windows, MacOS and iOS based operating systems. Basic capabilities with programming or scripting languages. Understanding of endpoint technologies from a security perspective including the security risks associated with misconfiguration. Experience implementing secure baselines such as DISA STIGs and CIS Benchmarks. Experience with project management workstream leadership, preferably using Agile methodology. Deep knowledge of the principles of endpoint protection, including availability, integrity, and confidentiality of user devices. Good-to-Have Skills Proficiency with communications focused on written technical processes and the ability to convey complex ideas clearly in front of an audience. Experience with data analytics in building executive reports. Reputation of successfully navigating large enterprise environments, understanding both ITIL driven processes and business relationship building Ability to self-direct work on multiple priorities with little to no oversight, based on critical initiatives. Work Hours This position requires you to work from 2:00pm to 10:00pm IST. Professional Certifications: Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Soft Skills: Excellent analytical and troubleshooting skills Highly motivated and able to work effectively under minimal supervision Strong written and verbal communication skills in English Successful management of multiple priorities Effective working with global, virtual teams Team-oriented, placing priority on the successful completion of team goals

We are seeking a highly skilled and experienced L3Engineer to join our cybersecurity team. The ideal candidate will have extensive experience in Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), Web Application Firewall (WAF)

Location: Remote- Delhi / NCR,Bangalore/Bengaluru,Hyderabad/Secunderabad,Chennai,Pune,Kolkata,Ahmedabad,Mumbai Job Responsibilities: . Architect and design secure, scalable Salesforce solutions aligned with business and technical requirements. . Define data models, object relationships, and system integrations with external platforms. . Provide technical leadership and architectural guidance to Salesforce developers and admins. . Oversee development using Apex, Lightning Web Components (LWC), Flows, and APIs. . Lead platform integrations using REST/SOAP APIs, MuleSoft, and streaming/event-driven architecture. . Ensure data governance, compliance, and performance optimization across Salesforce implementations. Job Requirements: . Bachelors/Masters degree in Computer Science, Engineering, or a related field. . At least 10+ years of experience in Salesforce development, architecture, and administration. . Strong expertise in Sales Cloud, Service Cloud, Experience Cloud, and the Salesforce Platform. . Proficiency in Apex, LWC, SOQL/SOSL, Flows, and Salesforce integration patterns. . Experience in DevOps, CI/CD pipelines, and agile development methodologies. . Deep understanding of data modeling, security frameworks, and regulatory compliance in Salesforce environments. Nice to Have: . Salesforce Architect Certifications (Technical, System, or Application Architect). . Experience with Marketing Cloud, CPQ, Field Service, or Einstein AI. . Familiarity with cloud services integration (AWS, Azure, or GCP). . Proven experience leading Salesforce digital transformation and enterprise-scale projects.